By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
449,243 Members | 1,141 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 449,243 IT Pros & Developers. It's quick & easy.

Help with taking out Payment verification please

P: 2
Hi - Happy New Year!
I have a web-site which accepted paypal payment for membership. No-one's buying so I want to make it free. The page which inputs the member details into the database needs verification, and I want to bypass the verification, but I can't figure it out. Can anyone help. - I have pasted the script below.

Many thanks,
Jano
[php]
<? include("header.php"); ?>
<?
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);

// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];

if (!$fp) {
// HTTP ERROR
} else {
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {
//check the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process payment
}
else if (strcmp ($res, "INVALID") == 0) {
// log for manual investigation
}
}
fclose ($fp);
}
if (strcmp ($res, "VERIFIED") == 0) {
echo "Payment Sucessful"; } else { echo "Payment Unsucessful"; }

?>
</form>
<?
include("con1.php");
$sql = mysql_query ("select * from genel where language='$language'");
$sonuc = mysql_fetch_array($sql) ;
?><br>

<tr><td colspan="3">
Üyelik işleminiz tamamlanmıştır.

</td></TR><br>
<form action="kabul.php" method="post" name="kabul">

<tr><td align="left" valign="top" width="150"> <? echo $sonuc[bbh]; ?>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td><td align="left" valign="top" width="150"><input type="text" name="user"></td></tr>

<tr><td align="left" valign="top"> <? echo $sonuc[bbk]; ?> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td><td align="left" valign="top" width="150"><input type="text" name="email"></td></tr>
<tr><td align="center" colspan="2" valign="top"><br><input type="submit" name="subnmas" <? if($language=="Turkish") {?> value="Devam"<? }else { ?>value="Submit"<?}?>></td></tr>
</form>
<?
if ($subnmas){
include("con1.php");
$user="$HTTP_POST_VARS[user]";
$email="$HTTP_POST_VARS[email]";
$a=mysql_query("select * from uyeleryedek where username='$user' and email='$email'");
$kul_kontrol_et=mysql_num_rows($a);
if($kul_kontrol_et=="") {

echo "<SCRIPT>alert(\" Yazdığınız bilgilerle uyumlu kullanıcı bulanamadı. Lütfen tekrar deneyin. There is a problem. Please check your username has been entered correctly \");</SCRIPT>";

}else{
include("con1.php");
$sql = mysql_query ("select * from uyeleryedek where username='$user' and email='$email'");
$sonuc = mysql_fetch_array($sql) ;

include("con1.php");
mysql_query ("INSERT INTO uyeler (adsoyad, email, sirketadresi, sehirilce, ilce, vergidairesi, verginumarasi, telnum, faxnum, cepnum, dil, username, password, uyecesit, sure, baslamatarihi, bitistarihi,websayfasi ) VALUES ('$sonuc[adsoyad]', '$sonuc[email]', '$sonuc[sirketadresi]', '$sonuc[secilen]', '$sonuc[ilce]', '$sonuc[vergidairesi]', '$sonuc[verginumarasi]', '$sonuc[telnum]', '$sonuc[faxnum]', '$sonuc[cepnum]', '$sonuc[dil]', '$sonuc[username]', '$sonuc[password]', '$sonuc[uyecesit]','$sonuc[sure]','$sonuc[bugun]','$sonuc[bitis]','$sonuc[websayfasi]')");

echo "<SCRIPT>alert(\"İşleminiz başarıyla tamamlandı. / Your account succesfully. \");</SCRIPT>";
}

}

?>

<br>
<br>

Thank you for your payment.

<br><br>
Yaptiginiz odeme icin Tesekkur ederiz.
<br><br>
<? include("footer.php"); ?>[/php]
Jan 1 '07 #1
Share this Question
Share on Google+
3 Replies


ronverdonk
Expert 2.5K+
P: 4,258
Please read the Posting Guidelines before you post in this forum!.
Especially the part about enclosing all code within code, html or php tags.
The page which inputs the member details into the database needs verification, and I want to bypass the verification
The script shown is (see your comment at the top of the code) called by the PayPal system. Paypal does not do that on its own, you must have requested that. And that piece of code is nowhere to be seen here.

So first you need to prevent that the request to Paypal is initiated by you.
Then this script will not be called ever.

Ronald :cool:
Jan 1 '07 #2

P: 2
Please read the Posting Guidelines before you post in this forum!.
Especially the part about enclosing all code within code, html or php tags.

The script shown is (see your comment at the top of the code) called by the PayPal system. Paypal does not do that on its own, you must have requested that. And that piece of code is nowhere to be seen here.

So first you need to prevent that the request to Paypal is initiated by you.
Then this script will not be called ever.

Ronald :cool:

Hi Ronald,

Thanks for your reply. I've de-activated the paypal, my problem is that without the verification, the date of membership and the city the member is in is not recorded in the database, which makes a search inopperable. I don't know which piece of code activates the submit to the site database - my understanding is that the web designer rigged it so that without the verification, the membership would not activate.

Is there any way to make the information submit without the verification?

Once again, thanks for your time,

Jano
Jan 2 '07 #3

ronverdonk
Expert 2.5K+
P: 4,258
As far as I can deduct from the code, and I have to say 'deduct' because it is not really structured and commented, you need a userid and an email address to pull the data from a table and then you insert all that data plus something else in another table.

So, instead of wading through this bunch of (mostly) redundant code and weeding out all Paypal relating things, I strongly suggest that you start this script from scratch. You can of course use parts of the code shown, but I wouldn't take things out of the logic, but start the logic in a new script. That cannot be too much work.

Only thing left is then: how to call this script yourself, because originally it is invoked by PayPal. So then you must, instead of invoking the Paypal system, call this script from your own code.

Ronald :cool:
Jan 2 '07 #4

Post your reply

Sign in to post your reply or Sign up for a free account.